Kooperativer Bibliotheksverbund

UID:

Format: 1 online resource (xx, 359 pages) : , illustrations (some color)

Edition: 2nd ed.

ISBN: 0-12-405915-5

Series Statement: Gale eBooks

Content: This comprehensive book instructs IT managers to adhere to federally mandated compliance requirements. FISMA Compliance Handbook Second Edition explains what the requirements are for FISMA compliance and why FISMA compliance is mandated by federal law. The evolution of Certification and Accreditation is discussed. This book walks the reader through the entire FISMA compliance process and includes guidance on how to manage a FISMA compliance project from start to finish. The book has chapters for all FISMA compliance deliverables and includes information on how to conduct a FI

Note: "Patricia Moulder, Technical Editor". , Front Cover; FISMA Compliance Handbook; Copyright; Contents; Dedication; Author Acknowledgments; About the Author; Foreword; Chapter 1: FISMA Compliance Overview; Introduction; Terminology; Processes and paperwork; Templates streamline the process; FISMA oversight and governance; Supporting government security regulations; Summary; References; Chapter 2: FISMA Trickles into the Private Sector; Introduction and authorities; Inspector general reports; What should NGOs do regarding FISMA?; FISMA compliance tools; Summary; Chapter 3: FISMA Compliance Methodologies; Introduction , The NIST risk management framework (RMF)Defense information assurance C&A process (DIACAP); Department of defense (DoD) risk management framework (RMF); ICD 503 and DCID 6/3; The common denominator of FISMA compliance methodologies; FISMA compliance for private enterprises; Legacy methodologies; NIACAP (National Information Assurance Certification and Accreditation Process); DITSCAP (Defense Information Technology Certification and Accreditation Process); JAFAN 6/3; Summary; Notes; Chapter 4: Understanding the FISMA Compliance Process; Introduction; Recognizing the need for FISMA compliance , Roles and responsibilitiesChief Information Officer; Authorizing official; Senior Information Security Officer; Senior Agency Privacy Official; Independent assessor team; System owner; Information owner; Information System Security Officer; Document preparation team; Agency inspectors; GAO inspectors; Levels of audit; Stepping through the process; Step 1: Categorize; Step 2: Select; Step 3: Implement; Step 4: Assess; Step 5: Authorize; Step 6: Monitor; FISMA project management; Summary; Chapter 5: Establishing a FISMA Compliance Program; Introduction; Compliance handbook development , What to include in your handbookWho should write the handbook?; Create a standardized security assessment process; Provide package delivery instructions; Authority and endorsement; Improve your compliance program each year; Problems of not having a compliance program; Missing information; Organizational challenges; Inconsistencies in the assessment process; Unknown security architecture and configuration; Unknown risks; Summary; Chapter 6: Getting Started on Your FISMA Project; Introduction; Initiate your project; Put together a contact list; Hold a Kick-off Meeting , Obtain any existing agency guidelinesAnalyze your research; Develop the documents; Its okay to be redundant; Different agencies have different requirements; Include multiple applications and components in one package; Verify your information; Retain your ethics; Summary; Chapter 7: Preparing the Hardware and Software Inventory; Introduction; Determining the system boundaries; Collecting the inventory information; Structure of inventory information; Delivery of inventory document; Summary; Chapter 8: Categorizing Data Sensitivity; Introduction; Heed this warning before you start , Confidentiality, integrity, and availability , English

Additional Edition: ISBN 0-12-405871-X

Additional Edition: ISBN 1-299-80659-7

Language: English

UID:

Format: 1 Online-Ressource (XXX, 431 S.).

ISBN: 978-1-59749-635-3 , 978-1-59749-636-0

Language: English

Subjects: Computer Science

Keywords: Logdatei ; Analyse

URL: Volltext

UID:

Format: 1 online resource (xx, 359 pages) : , illustrations (some color)

Edition: 2nd ed.

ISBN: 0-12-405915-5

Series Statement: Gale eBooks

Content: This comprehensive book instructs IT managers to adhere to federally mandated compliance requirements. FISMA Compliance Handbook Second Edition explains what the requirements are for FISMA compliance and why FISMA compliance is mandated by federal law. The evolution of Certification and Accreditation is discussed. This book walks the reader through the entire FISMA compliance process and includes guidance on how to manage a FISMA compliance project from start to finish. The book has chapters for all FISMA compliance deliverables and includes information on how to conduct a FI

Note: "Patricia Moulder, Technical Editor". , Front Cover; FISMA Compliance Handbook; Copyright; Contents; Dedication; Author Acknowledgments; About the Author; Foreword; Chapter 1: FISMA Compliance Overview; Introduction; Terminology; Processes and paperwork; Templates streamline the process; FISMA oversight and governance; Supporting government security regulations; Summary; References; Chapter 2: FISMA Trickles into the Private Sector; Introduction and authorities; Inspector general reports; What should NGOs do regarding FISMA?; FISMA compliance tools; Summary; Chapter 3: FISMA Compliance Methodologies; Introduction , The NIST risk management framework (RMF)Defense information assurance C&A process (DIACAP); Department of defense (DoD) risk management framework (RMF); ICD 503 and DCID 6/3; The common denominator of FISMA compliance methodologies; FISMA compliance for private enterprises; Legacy methodologies; NIACAP (National Information Assurance Certification and Accreditation Process); DITSCAP (Defense Information Technology Certification and Accreditation Process); JAFAN 6/3; Summary; Notes; Chapter 4: Understanding the FISMA Compliance Process; Introduction; Recognizing the need for FISMA compliance , Roles and responsibilitiesChief Information Officer; Authorizing official; Senior Information Security Officer; Senior Agency Privacy Official; Independent assessor team; System owner; Information owner; Information System Security Officer; Document preparation team; Agency inspectors; GAO inspectors; Levels of audit; Stepping through the process; Step 1: Categorize; Step 2: Select; Step 3: Implement; Step 4: Assess; Step 5: Authorize; Step 6: Monitor; FISMA project management; Summary; Chapter 5: Establishing a FISMA Compliance Program; Introduction; Compliance handbook development , What to include in your handbookWho should write the handbook?; Create a standardized security assessment process; Provide package delivery instructions; Authority and endorsement; Improve your compliance program each year; Problems of not having a compliance program; Missing information; Organizational challenges; Inconsistencies in the assessment process; Unknown security architecture and configuration; Unknown risks; Summary; Chapter 6: Getting Started on Your FISMA Project; Introduction; Initiate your project; Put together a contact list; Hold a Kick-off Meeting , Obtain any existing agency guidelinesAnalyze your research; Develop the documents; Its okay to be redundant; Different agencies have different requirements; Include multiple applications and components in one package; Verify your information; Retain your ethics; Summary; Chapter 7: Preparing the Hardware and Software Inventory; Introduction; Determining the system boundaries; Collecting the inventory information; Structure of inventory information; Delivery of inventory document; Summary; Chapter 8: Categorizing Data Sensitivity; Introduction; Heed this warning before you start , Confidentiality, integrity, and availability , English

Additional Edition: ISBN 0-12-405871-X

Additional Edition: ISBN 1-299-80659-7

Language: English

UID:

Format: 1 online resource (xx, 359 pages) : , illustrations (some color)

Edition: 2nd ed.

ISBN: 0-12-405915-5

Series Statement: Gale eBooks

Content: This comprehensive book instructs IT managers to adhere to federally mandated compliance requirements. FISMA Compliance Handbook Second Edition explains what the requirements are for FISMA compliance and why FISMA compliance is mandated by federal law. The evolution of Certification and Accreditation is discussed. This book walks the reader through the entire FISMA compliance process and includes guidance on how to manage a FISMA compliance project from start to finish. The book has chapters for all FISMA compliance deliverables and includes information on how to conduct a FI

Note: "Patricia Moulder, Technical Editor". , Front Cover; FISMA Compliance Handbook; Copyright; Contents; Dedication; Author Acknowledgments; About the Author; Foreword; Chapter 1: FISMA Compliance Overview; Introduction; Terminology; Processes and paperwork; Templates streamline the process; FISMA oversight and governance; Supporting government security regulations; Summary; References; Chapter 2: FISMA Trickles into the Private Sector; Introduction and authorities; Inspector general reports; What should NGOs do regarding FISMA?; FISMA compliance tools; Summary; Chapter 3: FISMA Compliance Methodologies; Introduction , The NIST risk management framework (RMF)Defense information assurance C&A process (DIACAP); Department of defense (DoD) risk management framework (RMF); ICD 503 and DCID 6/3; The common denominator of FISMA compliance methodologies; FISMA compliance for private enterprises; Legacy methodologies; NIACAP (National Information Assurance Certification and Accreditation Process); DITSCAP (Defense Information Technology Certification and Accreditation Process); JAFAN 6/3; Summary; Notes; Chapter 4: Understanding the FISMA Compliance Process; Introduction; Recognizing the need for FISMA compliance , Roles and responsibilitiesChief Information Officer; Authorizing official; Senior Information Security Officer; Senior Agency Privacy Official; Independent assessor team; System owner; Information owner; Information System Security Officer; Document preparation team; Agency inspectors; GAO inspectors; Levels of audit; Stepping through the process; Step 1: Categorize; Step 2: Select; Step 3: Implement; Step 4: Assess; Step 5: Authorize; Step 6: Monitor; FISMA project management; Summary; Chapter 5: Establishing a FISMA Compliance Program; Introduction; Compliance handbook development , What to include in your handbookWho should write the handbook?; Create a standardized security assessment process; Provide package delivery instructions; Authority and endorsement; Improve your compliance program each year; Problems of not having a compliance program; Missing information; Organizational challenges; Inconsistencies in the assessment process; Unknown security architecture and configuration; Unknown risks; Summary; Chapter 6: Getting Started on Your FISMA Project; Introduction; Initiate your project; Put together a contact list; Hold a Kick-off Meeting , Obtain any existing agency guidelinesAnalyze your research; Develop the documents; Its okay to be redundant; Different agencies have different requirements; Include multiple applications and components in one package; Verify your information; Retain your ethics; Summary; Chapter 7: Preparing the Hardware and Software Inventory; Introduction; Determining the system boundaries; Collecting the inventory information; Structure of inventory information; Delivery of inventory document; Summary; Chapter 8: Categorizing Data Sensitivity; Introduction; Heed this warning before you start , Confidentiality, integrity, and availability , English

Additional Edition: ISBN 0-12-405871-X

Additional Edition: ISBN 1-299-80659-7

Language: English

UID:

Format: 1 Online-Ressource (XXX, 431 Seiten).

ISBN: 978-1-59749-636-0 , 978-1-59749-635-3 , 1-59749-636-7

Note: Includes bibliographical references and index. - Effectively analyzing large volumes of diverse logs can pose many challenges. Logging and Log Management helps to simplify this complex process using practical guidance and real-world examples. Packed with information you need to know for system, network and security logging. Log management and log analysis methods are covered in detail, including approaches to creating useful logs on systems and applications, log searching and log review. Comprehensive coverage of log management including analysis, visualization, reporting and moreIncludes information on different uses for logs -- from system operations to regulatory complianceFeatures case Studies on syslog-ng and actual real-world situations where logs came in handy in incident responseProvides practical guidance in the areas of report, log analysis system selection, planning a log analysis system and log data normalization and correlation

Additional Edition: Erscheint auch als Druck-Ausgabe ISBN 978-1-59749-635-3

Additional Edition: Erscheint auch als Druck-Ausgabe ISBN 1-59749-635-9

Language: English

Subjects: Computer Science

Keywords: Logdatei ; Analyse

DOI: 10.1016/C2010-0-65241-2

URL: Volltext

UID:

Format: 1 Online-Ressource (XXX, 431 Seiten).

ISBN: 978-1-59749-636-0 , 978-1-59749-635-3 , 1-59749-636-7

Note: Includes bibliographical references and index. - Effectively analyzing large volumes of diverse logs can pose many challenges. Logging and Log Management helps to simplify this complex process using practical guidance and real-world examples. Packed with information you need to know for system, network and security logging. Log management and log analysis methods are covered in detail, including approaches to creating useful logs on systems and applications, log searching and log review. Comprehensive coverage of log management including analysis, visualization, reporting and moreIncludes information on different uses for logs -- from system operations to regulatory complianceFeatures case Studies on syslog-ng and actual real-world situations where logs came in handy in incident responseProvides practical guidance in the areas of report, log analysis system selection, planning a log analysis system and log data normalization and correlation

Additional Edition: Erscheint auch als Druck-Ausgabe ISBN 978-1-59749-635-3

Additional Edition: Erscheint auch als Druck-Ausgabe ISBN 1-59749-635-9

Language: English

Subjects: Computer Science

Keywords: Logdatei ; Analyse

DOI: 10.1016/C2010-0-65241-2

URL: Volltext

UID:

Format: 1 online resource (463 p.)

Edition: 1st edition

ISBN: 1-283-85557-7 , 1-59749-636-7

Content: Effectively analyzing large volumes of diverse logs can pose many challenges. Logging and Log Management helps to simplify this complex process using practical guidance and real-world examples. Packed with information you need to know for system, network and security logging. Log management and log analysis methods are covered in detail, including approaches to creating useful logs on systems and applications, log searching and log review. Comprehensive coverage of log management including analysis, visualization, reporting and moreIncludes information on

Note: Description based upon print version of record. , Half Title; Logging and Log Management; Copyright; Contents; Acknowledgments; About the Authors; About the Technical Editor; Foreword; Preface; 1 Logs, Trees, Forest: The Big Picture; Introduction; Log Data Basics; What Is Log Data?; How is Log Data Transmitted and Collected?; What is a Log Message?; The Logging Ecosystem; First Things First: Ask Questions, Have a Plan; Log Message Generation; Log Message Filtering and Normalization; Log Message Collection; Logging in the Cloud; Log Analysis; Log Message Long-Term Storage; A Look at Things to Come; Logs Are Underrated; Logs Can Be Useful , Resource ManagementIntrusion Detection; Troubleshooting; Forensics; Boring Audit, Fun Discovery; People, Process, Technology; Security Information and Event Management (SIEM); Summary; References; 2 What is a Log?; Introduction; Definitions; Logs? What logs?; Log Formats and Types; Log Syntax; Log Content; Criteria of Good Logging; Ideal Logging Scenario; Summary; References; 3 Log Data Sources; Introduction; Logging Sources; Syslog; Basic Logging with syslogd; Syslog Message Classification; The "Mark" Facility; Syslog Priority; Syslog.conf; The Mark Interval; Syslogd Output , The Syslog ProtocolSNMP; Managers and Agents; SNMP Traps and Notifications; SNMP Get; SNMP Set; Issues with SNMP as a Log Data Alternative; The Windows Event Log; Log Source Classification; Security-Related Host Logs; Operating System Logs; Network Daemon Logs; Application Logs; Security-Related Network Logs; Network Infrastructure Logs; Security Host Logs; Host Intrusion Detection and Prevention; Summary; 4 Log Storage Technologies; Introduction; Log Retention Policy; Log Storage Formats; Text-Based Log Files; Flat Text Files; Indexed Flat Text Files; Binary Files; Compressed Files , Database Storage of Log DataAdvantages; Disadvantages; Defining Database Storage Goals; What to Store?; Fast Retrieval; Reporting; Hadoop Log Storage; Advantages; Disadvantages; The Cloud and Hadoop; Getting Started with Amazon Elastic MapReduce; Navigating the Amazon; Uploading Logs to Amazon Simple Storage Services (S3); Create a Pig Script to Analyze an Apache Access Log; Processing Log Data in Amazon Elastic MapReduce (EMR); Log Data Retrieval and Archiving; Online; Near-line; Offline; Summary; References; 5 syslog-ng Case Study; Introduction; Obtaining syslog-ng , What Is syslog-ngsyslog-ng?Example Deployment; Configurations; Log Sources; Local syslog-ng Server; Global syslog-ng Server; Database logging; Troubleshooting syslog-ng; Summary; References; 6 Covert Logging; Introduction; Complete Stealthy Log Setup; Stealthy Log Generation; Hiding Logging; Hiding Logging with Misdirection; Stealthy Pickup of Logs; IDS Log Source; Log Collection Server; "Fake" Server or Honeypot; Logging in Honeypots; Honeynet's Shell Covert Keystroke Logger; Honeynet's Sebek2 Case Study; Covert Channels for Logging Brief; Summary; References , 7 Analysis Goals, Planning, and Preparation: What Are We Looking for? , English

Additional Edition: ISBN 1-59749-635-9

Language: English